The recent DDoS attacks have shone a bright spotlight on the security problems within the Internet of Things. The attacks are also a reminder that cloud security is still a work in progress.
That’s not to say that the cloud isn’t secure; instead, the problem may be the way we think about security and the cloud, as InfoWorld explained:
With DDoS attacks, the tendency is to focus on organizations directly affected. Thus, when hacktivists target financial services or gaming sites, the victims are those trying to access those applications. The information is intact, albeit temporarily unavailable.
With Dyn, however, the target was core internet infrastructure, which means any organization that relies on Dyn or works with a service provider dependent on Dyn is affected.
Justin Harvey, security consultant to Gigamon and former chief security officer at Fidelis Cybersecurity, agreed with that assessment, stating in an email comment that our focus when it comes to cybersecurity tends to be pretty narrow, with the primary concerns being protecting confidentiality and integrity of data, usually from data breaches and theft. DDoS attacks, as stated above, tend to avoid those two types of security issues. But this recent attack showed just how important it is to consider availability of the data in our cybersecurity plans. Harvey added:
In the wake of these massive denial of service attacks, it shows that many companies were (are) not prepared for actors that are looking to affect the availability of the services they provide. With today's movement to the cloud, as more companies seek to virtualize and expand their external footprints, many organizations simply do not know where their critical networks and systems are.
The first step to a comprehensive cybersecurity strategy is to know where your critical information and assets are and build visibility at every level of the architecture, Harvey continued, adding that without knowing where everything is, you can’t protect it.
This DDoS attack showed, too, just how interconnected everything is. There is a tendency to put everything into its own box – the network is separate from data is separate from the cloud is separate from IoT, and our security plans tend to follow that train of thought. But as Paul Calatayud, CTO of FireMon, told ZDNet:
DDoS is not a new form of attack in and of itself, but methods and strategies around DDoS continue to evolve in the form of larger and more orchestrated attacks. What causes me to pause and reflect most in regards to this breaking news is that Dyn DNS is a DNS Software-as-a-Service (SaaS) provider. Its core job is to host and manage DNS services for its clients. The impact and harm has a ripple effect.
Sue Marquette Poremba has been writing about network security since 2008. In addition to her coverage of security issues for IT Business Edge, her security articles have been published at various sites such as Forbes, Midsize Insider and Tom's Guide. You can reach Sue via Twitter: @sueporemba.